Social Ombudsman activities’ privacy statement |

Social Ombudsman activities' privacy statement

Articles 13 and 14 of the EU General Data Protection Regulation

Data Protection Act (1050/2018)

Articles 13 and 14 of the Combined Data Subject Information Document (EU Data Protection Regulation 2016/679).


1. Controller

Seinäjoki University of Applied Sciences
Kampusranta 11, Frami F
FI-60320 Seinäjoki, Finland
+358 20 124 3000

2. Controller’s representative

Arto Rautajoki, Director of Development, SONet BOTNIA
+358 40 8300 366

2a. Official responsible for the personal data file

Taina Holappa, Social Ombudsman
tel. +358 40 830 0490

2b. Contact persons in matters relating to the data file

Taina Holappa, Social Ombudsman
tel. +358 40 830 0490

2c. Contact details of the Data Protection Officer

Jarmo Jaskari, Data protection officer
tel. +358 40 8680680

3. Name of the data file

Register of the Social Ombudsman in Southern Ostrobothnia

4. Purpose of processing personal data/data file use

Collection of general statistical data on the activities of social ombudsmen by task area using the Webropol system to facilitate reporting to municipalities. Direct personal data are not collected, the municipal data is also made unidentifiable by pseudonymizing them (using a series of numbers in random order). Webropol is used to collect completely anonymous statistical data, so that the data collected does not pose a danger to data subjects and does not ask for direct identification data, actual personal data, etc. It is not possible to find out identity by combining the data.

The personal data of an individual customer are temporarily stored on a common disk drive for social ombudsman activities in order to facilitate contact and processing. The disk drive can only be used by the social ombudsman and his deputies appointed by the organization providing services to his municipalities, SONet BOTNIA, Seinäjoki University of Applied Sciences Ltd for social ombudsman activities.

The social work professionals involved in the provision of the social ombudsman service are bound by professional secrecy. If the disk drive is not available for any reason, the data is temporarily stored on paper and in a locked cabinet with the key held only by the social worker. As a general rule, the aim is not to collect register data and to destroy the data immediately when the case has been completed or transferred to the responsibility of an official actor, eg complaints, grievances, etc.

5. Purpose of maintaining the data file

Statutory obligation of the controller. Reporting the use of social ombudsman activities to municipal councils by task at least once a year using the Webropol tool, not the storage of identifiable customer data.

Storing customer and contact information in social agent activities on a shared disk drive (limited access) for contacts during the handling of a customer case, after which customer-specific information is destroyed.

5a. Data content of the file

  • contact information
  • public / private service specification
  • municipal information pseudonymized as the number
  • contact-specific breakdown of contact
  • quality
  • subject
  • measures
  • general content

No customer-specific, identifiable information.

On a shared network drive with temporary access, temporarily provide customer and contact information to resolve the issue, which will be removed from the drive once the customer case has been processed.

5b. Information systems using the data file

  • Webropol
  • Microsoft Office (Outlook encrypted)
  • Separate security mail

6. Regular sources of data

  • Information provided by the customer

7. Regular disclosure of data

Once a year, social ombudsman activities are reported to municipalities using this register information.

8. Transfer of data outside the EU or the EEA

The data will not be disclosed outside the EU or the European Economic Area.

9. Principles of data file protection

A. Manual material

Paper material is stored in locked cabinets and locked spaces. Access to the material is restricted to data processors.

B. Computer-processed data

The electronically processed material is stored on SeAMK’s internal network disk, protected from third parties by personal usernames and passwords. Only employees whose job description requires processing of the registers can access the register.